CVE-2021-34411 Vulnerability Details

  /     /     /  

CVE-2021-34411 Metadata Quick Info

CVE Published: 27/09/2021 | CVE Updated: 04/08/2024 | CVE Year: 2021
Source: Zoom | Vendor: n/a | Product: Zoom Rooms for Conference Room for Windows
Status : PUBLISHED

---

CVE-2021-34411 Description

During the installation process forZoom Rooms for Conference Room for Windows before version 5.3.0 it is possible to launch Internet Explorer with elevated privileges. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Incorrect Privilege Assignment
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).